security/core#14 Validate "context" inputs

[civicrm-core.git] / CRM / Batch / Page / AJAX.php

diff --git a/CRM/Batch/Page/AJAX.php b/CRM/Batch/Page/AJAX.php
index b06cd7545014b86677ab75ee47e199a6a23eecc4..7849fc7e71c963325ef73020e4019a9ee2a7f5ea 100644 (file)
--- a/CRM/Batch/Page/AJAX.php
+++ b/CRM/Batch/Page/AJAX.php
@@ -54,7 +54,7 @@ class CRM_Batch_Page_AJAX {
    * @deprecated
    */
   public static function getBatchList() {
-    $context = isset($_REQUEST['context']) ? CRM_Utils_Type::escape($_REQUEST['context'], 'String') : NULL;
+    $context = CRM_Utils_Request::retrieve('context', 'Alphanumeric');
     if ($context != 'financialBatch') {
       $sortMapper = array(
         0 => 'title',